class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  
  before_action :authenticate_user!
  
  layout 'wdw'

 

  rescue_from CanCan::AccessDenied do |exception|
    flash[:warning] = '您没有权限哦! 请联系统管理员'
    redirect_to request.referer || root_path
    #render :js => "alert(#{exception.message});"
  end
  
  
  private


  def create_note opts={}
    Note.create(note_params.merge(opts))
  end


  def note_params
    project_id = 0
    {:ip => request.remote_ip, :user_id => current_user.id,:controller=>controller_name, :action=>action_name,:project_id=>project_id }
  end



end
